Medium severity5.9NVD Advisory· Published May 7, 2025· Updated Jun 17, 2026No known patch
CVE-2025-47615
No known patch is available for this vulnerability.
The affected plugin has not been updated on WordPress.org since before this CVE was disclosed; the latest installable version is still vulnerable. If you have the affected software installed, you should uninstall or replace it rather than wait for an update.
CVE-2025-47615
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flowdee Amazon Product in a Post amazon-product-in-a-post-plugin allows Stored XSS.This issue affects Amazon Product in a Post: from n/a through <= 5.2.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=5.2.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.